Senior Security Engineer, Offensive Security

Job Posted 6 Days Ago Posted 6 Days Ago
Be an Early Applicant
Remote
168K-297K Annually
Senior level
Blockchain • eCommerce • Fintech • Payments • Software • Financial Services • Cryptocurrency
Our purpose is economic empowerment.
The Role
As a Senior Security Engineer in Offensive Security, you'll lead crucial security initiatives, conduct penetration tests, and guide teams in identifying and mitigating security risks. You'll actively improve security designs and share insights with cross-functional teams while mentoring peers and supporting incident responses.
Summary Generated by Built In

Block is one company built from many blocks, all united by the same purpose of economic empowerment. The blocks that form our foundational teams - People, Finance, Counsel, Hardware, Information Security, Platform Infrastructure Engineering, and more - provide support and guidance at the corporate level. They work across business groups and around the globe, spanning time zones and disciplines to develop inclusive People policies, forecast finances, give legal counsel, safeguard systems, nurture new initiatives, and more. Every challenge creates possibilities, and we need different perspectives to see them all. Bring yours to Block.
The Role
Protect the Future of Finance:
Join Block's Offensive Security Team as a Senior Security Engineer, driving impactful security initiatives across teams and organizational boundaries. You'll identify critical areas to improve, applying your expertise to safeguard our systems and uphold customer trust. Your work will shape our security posture, keep us ahead of emerging threats, and secure the financial systems of tomorrow.
About the team:
Offensive Security & Design team emulates attackers to find vulnerabilities throughout Block, and inform remediation. We surface issues and offer technical expertise, without mandating deadlines. We don't throw security problems over the wall. We understand the struggle of our engineers and provide contextual guidance for a diverse, complex and cutting edge tech stack that enables the business. We don't work in isolation, engineering and security teams at Block are your partners. We collaborate with our partners at every opportunity we can find and place the needs of our partners at the highest priority.
Your Mission:
You'll immerse yourself in our tech stack to gain an understanding of our infrastructure, applications and services, including their security boundaries.
You Will

  • Identify and lead critical security initiatives.
  • Conduct penetration tests, source code reviews, threat models, and design reviews to identify and mitigate security risks. Create exploits that demonstrate impact.
  • Commit small PRs to directly fix security issues, rather than waiting for teams to address them.
  • Identify gaps in existing designs and improve them to ensure security is integrated from the ground up.
  • Communicate critical security findings to cross-functional teams, providing context, applicable remediation steps, and hands-on guidance throughout the resolution process.
  • Lift skills and expertise of your teammates
  • Be an excellent source of insights and wisdom on security topics.
  • Support incident response efforts and reproduce bug bounty reports to ensure analysis resolutions.
  • Guide the direction of the team to ensure team's success.


You Have

  • 10+ years experience in penetration testing, threat modeling and security engineering.
  • Expertise in appsec and cloudsec and are proficient in infrastructure as code, CI/CD and supply chain security.
  • The ability to work independently, managing multiple projects with ease and navigating technically complex apps and services.
  • Experience mentoring others on the team
  • [Even Better]
  • Expertise in modern secure design patterns
  • Knowledge about cryptocurrencies, wallets and storage.
  • Understanding of GenAI security topics
  • Conference presentations on AppSec/OffSec topics
  • Published CVEs / responsibly disclosed bugs


What You'll Get

  • The opportunity to make a real impact on the security of our applications and the financial industry as a whole.
  • A collaborative and dynamic work environment with an exceptional team of security engineers.
  • Freedom to do security research that has the potential to have a deep impact on Block.
  • An environment where conference presentations are highly encouraged.


We're working to build a more inclusive economy where our customers have equal access to opportunity, and we strive to live by these same values in building our workplace. Block is an equal opportunity employer evaluating all employees and job applicants without regard to identity or any legally protected class. We also consider qualified applicants with criminal histories for employment on our team, and always assess candidates on an individualized basis.We believe in being fair, and are committed to an inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible. Want to learn more about what we're doing to build a workplace that is fair and square? Check out our I+D page .Block will consider qualified applicants with arrest or conviction records for employment in accordance with state and local laws and "fair chance" ordinances.
Block takes a market-based approach to pay, and pay may vary depending on your location. U.S. locations are categorized into one of four zones based on a cost of labor index for that geographic area. The successful candidate's starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.
To find a location's zone designation, please refer to this resource . If a location of interest is not listed, please speak with a recruiter for additional information.
Zone A:
$217,800 - $326,800 USD
Zone B:
$207,000 - $310,400 USD
Zone C:
$196,100 - $294,100 USD
Zone D:
$185,200 - $277,800 USD
Every benefit we offer is designed with one goal: empowering you to do the best work of your career while building the life you want. Remote work, medical insurance, flexible time off, retirement savings plans, and modern family planning are just some of our offering. Check out our other benefits at Block.
Block, Inc. (NYSE: XYZ) builds technology to increase access to the global economy. Each of our brands unlocks different aspects of the economy for more people. Square makes commerce and financial services accessible to sellers. Cash App is the easy way to spend, send, and store money. Afterpay is transforming the way customers manage their spending over time. TIDAL is a music platform that empowers artists to thrive as entrepreneurs. Bitkey is a simple self-custody wallet built for bitcoin. Proto is a suite of bitcoin mining products and services. Together, we're helping build a financial system that is open to everyone.

Top Skills

Penetration Testing
Security Engineering
Threat Modeling

What the Team is Saying

Person1
Scott Maher
Engineering Lead
“In Compliance Engineering, we work across all product teams and have the space to really understand how new features will improve the lives of customers. Since all data streams to us, we can design systems that solve entire categories of problems, like visualizing money flow, cryptocurrencies, and stopping bad actors from causing harm.“
Scott Maher
David Grodsky
Victoria Fan Azalde
Ahmed Ali Bob
Lynette Johnson McGee
Cesar Alaniz
Khiry Shank
The Company
Oakland, CA
12,000 Employees
Hybrid Workplace
Year Founded: 2009

What We Do

Block, Inc. (NYSE: SQ) is a global technology company with a focus on financial services. Made up of Square, Cash App, TIDAL, and TBD, we build tools to help more people access the economy.

Square helps sellers run and grow their businesses with its integrated ecosystem of commerce solutions, business software, and banking services. With Cash App, anyone can easily send, spend, or invest their money in stocks or Bitcoin. Spiral (formerly Square Crypto) builds and funds free, open-source Bitcoin projects. Artists use TIDAL to help them succeed as entrepreneurs and connect more deeply with fans. TBD is building an open developer platform to make it easier to access Bitcoin and other blockchain technologies without having to go through an institution.

Why Work With Us

Across our ecosystem, we’re working to help our diverse audiences — sellers, individuals, artists, fans, developers, and all the people in between — overcome barriers to access the economy.

Gallery

Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery
Gallery

Block Offices

Hybrid Workspace

Employees engage in a combination of remote and on-site work.

Most employees can join Block in an office location, from home, or with a mix of both. We create work spaces and experiences that help individuals and teams to be their most creative and collaborative.

Typical time on-site: Flexible
Oakland, CA
By clicking Apply you agree to share your profile information with the hiring company.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account